Real-Time and Embedded Systems Lab (mLAB)Copyright (c) 2015 University of Pennsylvania All rights reserved.http://repository.upenn.edu/mlab_papers
Recent documents in Real-Time and Embedded Systems Lab (mLAB)en-usMon, 02 Mar 2015 13:15:45 PST3600Robust Model Predictive Control with Anytime Estimationhttp://repository.upenn.edu/mlab_papers/71
http://repository.upenn.edu/mlab_papers/71Mon, 09 Feb 2015 18:12:54 PST
With an increasing autonomy in modern control systems comes an increasing amount of sensor data to be processed, leading to overloaded computation and communication in the systems. For example, a vision-based robot controller processes large image data from cameras at high frequency to observe the robot’s state in the surrounding environment, which is used to compute control commands. In real-time control systems where large volume of data is processed for feedback control, the data-dependent state estimation can become a computation and communication bottleneck, resulting in potentially degraded control performance. Anytime algorithms, which offer a trade-off between execution time and accuracy of computation, can be leveraged in such systems. We present a Robust Model Predictive Control approach with an Anytime State Estimation Algorithm, which computes both the optimal control signal for the plant and the (time-varying) deadline/accuracy constraint for the anytime estimator. Our approach improves the system’s performance (concerning both the control performance and the estimation cost) over conventional controllers, which are designed for and operate at a fixed computation time/accuracy setting. We numerically evaluate our approach in an idealized motion model for navigation with both state and control constraints.
]]>
Truong X Nghiem et al.CPS Embedded ControlRequirement-Guided Model Refinementhttp://repository.upenn.edu/mlab_papers/70
http://repository.upenn.edu/mlab_papers/70Tue, 02 Dec 2014 09:07:22 PST
Medical device is a typical Cyber-Physical System and ensuring the safety and efficacy of the device requires closed-loop verification. Currently closed-loop verifications of medical devices are performed in the form of clinical trials in which the devices are tested on the patients.
]]>
Zhihao Jiang et al.CPS MedicalCPS Formal MethodsCPS TheoryPeak Power Control of Battery and Super-capacitor Energy Systems in Electric Vehicleshttp://repository.upenn.edu/mlab_papers/69
http://repository.upenn.edu/mlab_papers/69Fri, 21 Mar 2014 13:01:29 PDT
Hybrid energy systems consist of a load powered by a source and a form of energy storage. Systems with mixed energy supply find applications in the electric grid with renewable and non-renewable sources, in mission critical systems such as Mars rovers with rechargeable and non-rechargeable batteries and low-power monitoring systems with energy harvesting. A general problem for hybrid energy systems is the reduction of peak power consumption to ensure cost-efficient operation as peak power draws require additional resources, adversely affect the system reliability and storage lifetime. Furthermore, in some cases such as electric vehicles, the load dynamics are fast, not perfectly known a priori and the computation power available is often limited, making the implementation of traditional optimal control difficult. This paper aims to develop a control scheme to reduce the peak power drawn from the source for hybrid energy systems with limited computation power and limited load forecasts. We propose a scheme with two control levels and provide a sufficient condition for control of the different energy storage/generation components to meet the instantaneous load while satisfying a peak power threshold. The scheme provides performance comparable to Model Predictive Control, while requiring less computation power and only coarse-grained load predictions. As a case study we implement the scheme for a battery-supercapacitor system in an electric vehicle with real world drive cycles to demonstrate the low execution time and effective reduction of the battery power (hence temperature), which is crucial to the lifetime of the battery.
]]>
Yash Vardhan Pant et al.Peak Power Reduction in Hybrid Energy Systems with Limited Load Forecastshttp://repository.upenn.edu/mlab_papers/68
http://repository.upenn.edu/mlab_papers/68Fri, 21 Mar 2014 11:57:28 PDT
Hybrid energy systems, which consist of a load powered by a source and a form of energy storage, find applications in many systems, e.g., the electric grid and electric vehicles. A key problem for hybrid energy systems is the reduction of peak power consumption to ensure cost-efficient operation as peak power draws require additional resources and adversely affect the system reliability and lifetime. Furthermore, in some cases such as electric vehicles, the load dynamics are fast, not perfectly known in advance and the on-board computation power is often limited, making the implementation of traditional optimal control difficult. We aim to develop a control scheme to reduce the peak power drawn from the source for hybrid energy systems with limited computation power and limited load forecasts. We propose a scheme with two control levels and provide a sufficient condition for control of the different energy storage/generation components to meet the instantaneous load while satisfying a peak power threshold. The scheme provides performance comparable to Model Predictive Control, while requiring less computation power and only coarse-grained load predictions. For a case study, we implement the scheme for a battery-supercapacitor-powered electric vehicle with real world drive cycles to demonstrate the low execution time and effective reduction of the battery power (hence temperature), which is crucial to the lifetime of the battery.
]]>
Yash Vardhan Pant et al.IMpACT: Inverse Model Accuracy and Control Performance Toolbox for Buildingshttp://repository.upenn.edu/mlab_papers/67
http://repository.upenn.edu/mlab_papers/67Sun, 16 Mar 2014 18:23:03 PDT
Uncertainty affects all aspects of building performance: from the identification of models, through the implementation of model-based control, to the operation of the deployed systems. Learning models of buildings from sensor data has a fundamental property that the model can only be as accurate and reliable as the data on which it was trained. For small and medium size buildings, a low-cost method for model capture is necessary to take advantage of optimal model-based supervisory control schemes. We present IMpACT, a methodology and a toolbox for analysis of uncertainty propagation for building inverse modeling and controls. Given a plant model and real input data, IMpACT automatically evaluates the effect of the uncertainty propagation from sensor data to model accuracy and control performance. We also present a statistical method to quantify the bias in the sensor measurement and to determine near optimal sensor placement and density for accurate signal measurements. In our previous work, we considered the end-to-end propagation of uncertainty in the form of fixed bias in the sensor data. In this paper, we extend the method to work with random errors in the sensor data, which is more realistic. Using a real building test-bed, we show how performing an uncertainty analysis can reveal trends about inverse model accuracy and control performance, which can be used to make informed decisions about sensor requirements and data accuracy.
]]>
Madhur Behl et al.Model-IQ: Uncertainty Propagation from Sensing to Modeling and Control in Buildings.http://repository.upenn.edu/mlab_papers/66
http://repository.upenn.edu/mlab_papers/66Sat, 08 Feb 2014 20:09:25 PST
A fundamental problem in the design of closed-loop Cyber-Physical Systems (CPS) is in accurately capturing the dynamics of the underlying physical system. To provide optimal control for such closed-loop systems, model-based controls require accurate physical plant models. It is hard to analytically establish (a) how data quality from sensors affects model accuracy, and consequently, (b) the effect of model accuracy on the operational cost of model-based controllers. We present the Model-IQ toolbox which, given a plant model and real input data, automatically evaluates the effect of this uncertainty propagation from sensor data to model accuracy to controller performance. We apply the Model-IQ uncertainty analysis for model-based controls in buildings to demonstrate the cost-benefit of adding temporary sensors to capture a building model. We show how sensor placement and density bias training data. For the real building considered, a bias of 1% degrades model accuracy by 20%. Model-IQ's automated process lowers the cost of sensor deployment, model training and evaluation of advanced controls for small and medium sized buildings. Such end-to-end analysis of uncertainty propagation has the potential to lower the cost for CPS with closed-loop model based control. We demonstrate this with real building data in the Department of Energy's HUB.
]]>
Madhur Behl et al.Distributed Control for Cyber-Physical Systemshttp://repository.upenn.edu/mlab_papers/65
http://repository.upenn.edu/mlab_papers/65Wed, 18 Dec 2013 14:56:14 PST
Networked Cyber-Physical Systems (CPS) are fundamentally constrained by the tight coupling and closed-loop control and actuation of physical processes. To address actuation in such closed-loop wireless control systems there is a strong need to re-think the communication architectures and protocols for maintaining stability and performance in the presence of disturbances to the network, environment and overall system objectives. We review the current state of network control efforts for CPS and present two complementary approaches for robust, optimal and composable control over networks. We first introduce a computer systems approach with Embedded Virtual Machines (EVM), a programming abstraction where controller tasks, with their control and timing properties, are maintained across physical node boundaries. Controller functionality is decoupled from the physical substrate and is capable of runtime migration to the most competent set of physical controllers to maintain stability in the presence of changes to nodes, links and network topology.

We then view the problem from a control theoretic perspective to deliver fully distributed control over networks with Wireless Control Networks (WCN). As opposed to traditional networked control schemes where the nodes simply route information to and from a dedicated controller, our approach treats the network itself as the controller. In other words, the computation of the control law is done in a fully distributed way inside the network. In this approach, at each time-step, each node updates its internal state to be a linear combination of the states of the nodes in its neighborhood. This causes the entire network to behave as a linear dynamical system, with sparsity constraints imposed by the network topology. This eliminates the need for routing between “sensor → channel → dedicated controller/estimator → channel → actuator”, allows for simple transmission scheduling, is operational on resource constrained low-power nodes and allows for composition of additional control loops and plants. We demonstrate the potential of such distributed controllers to be robust to a high degree of link failures and to maintain stability even in cases of node failures.

]]>
Rahul Mangharam et al.Using the Virtual Heart Model to Validate the Mode-Switch Pacemaker Operationhttp://repository.upenn.edu/mlab_papers/64
http://repository.upenn.edu/mlab_papers/64Mon, 09 Dec 2013 14:20:25 PST
Artificial pacemakers are one of the most widely-used implantable devices today, with millions implanted worldwide. The main purpose of an artificial pacemaker is to treat bradycardia, or slow heart beats, by pacing the atrium and ventricles at a faster rate. While the basic functionality of the device is fairly simple, there are many documented cases of death and injury due to device malfunctions. The frequency of malfunctions due to firmware problems will only increase as the pacemaker operations become more complex in an attempt to expand the use of the device. One reason these malfunctions arise is that there is currently no methodology for formal validation and verification of medical device software, as there are in the safety-critical domains of avionics and industrial control automation. We have developed a timed-automata based Virtual Heart Model (VHM) to act as platform for medical device software validation and verification. Through a case study involving multiple arrhythmias, this investigation shows how the VHM can be used with closed-loop operation of a pacemaker to validate the necessity and functionality of the complex mode-switch pacemaker operation. We demonstrate the correct pacemaker operation, to switch from one rhythm management mode to another, in patients with supraventricular tachycardias.
]]>
Zhihao Jiang et al.Uncertainty Propagation from Sensing to Modeling and Control in Buildings - Technical Reporthttp://repository.upenn.edu/mlab_papers/63
http://repository.upenn.edu/mlab_papers/63Mon, 21 Oct 2013 11:03:35 PDT
A fundamental problem in the design of closed-loop Cyber-Physical Systems (CPS) is in accurately capturing the dynamics of the underlying physical system. To provide optimal control for such closed-loop systems, model-based controls require accurate physical plant models. It is hard to analytically establish (a) how data quality from sensors affects model accuracy, and consequently, (b) the effect of model accuracy on the operational cost of model-based controllers. We present the Model-IQ toolbox which, given a plant model and real input data, automatically evaluates the effect of this uncertainty propagation from sensor data to model accuracy to controller performance. We apply the Model-IQ uncertainty analysis for model-based controls in buildings to demonstrate the cost-benefit of adding temporary sensors to capture a building model. Model-IQ's automated process lowers the cost of sensor deployment, model training and evaluation of advanced controls for small and medium sized buildings. Model-IQ provides recommendation of sensor placement and density to trade-off the cost of additional sensors with energy savings by the improved controller performance. Such end-to-end analysis of uncertainty propagation has the potential to lower the cost for CPS with closed-loop model based control. We demonstrate this with real building data in the Department of Energy's HUB.
]]>
Madhur Behl et al.GrooveSim: A Topography-Accurate Simulator for Geographic Routing in Vehicular Networkshttp://repository.upenn.edu/mlab_papers/62
http://repository.upenn.edu/mlab_papers/62Mon, 15 Jul 2013 07:18:26 PDT
Vehicles equipped with wireless communication devices are poised to deliver vital services in the form of safety alerts, traffic congestion probing and on-road commercial applications. Tools to evaluate the performance of vehicular networks are a fundamental necessity. While several traffic simulators have been developed under the Intelligent Transport System initiative, their primary focus has been on modeling and forecasting vehicle traffic flow and congestion from a queuing perspective. In order to analyze the performance and scalability of inter-vehicular communication protocols, it is important to use realistic traffic density, speed, trip, and communication models. Studies on multi-hop mobile wireless routing protocols have shown the performance varies greatly depending on the simulation models employed. We introduce GrooveSim, a simulator for geographic routing in vehicular networks to address the need for a robust, easy-touse realistic network and traffic simulator. GrooveSim accurately models inter-vehicular communication within a real street map-based topography. It operates in five modes capable of actual on-road inter-vehicle communication, simulation of traffic networks with thousands of vehicles, visual playback of driving logs, hybrid simulation composed of real and simulated vehicles and easy test-scenario generation. Our performance results, supported by field tests, establish geographic broadcast routing as an effective means to deliver time-bounded messages over multiple-hops.
]]>
Rahul Mangharam et al.The Car and The Cloud: Automotive Architectures for 2020http://repository.upenn.edu/mlab_papers/61
http://repository.upenn.edu/mlab_papers/61Mon, 15 Jul 2013 07:15:40 PDT
Three trends are emerging in drivers’ expectations for their vehicle: (1) continuous connectivity with both the infrastructure (e.g., smart traffic intersections) and other commuters, (2) enhanced levels of productivity and entertainment for the duration of travel, and (3) reduction in cognitive load through semiautonomous operation and automated congestion-aware route planning. To address these demands, vehicles should become more programmable so that almost every aspect of engine control, cabin comfort, connectivity, navigation, and safety will be remotely upgradable and designed to evolve over the lifetime of the vehicle.

Progress toward the vehicle of the future will entail new approaches in the design and sustainability of vehicles so that they are connected to networked traffic systems and are programmable over the course of their lifetime. To that end, our automotive research team at the University of Pennsylvania is devel- oping an in-vehicle programmable system, AutoPlug, an automotive architecture for remote diagnostics, testing, and code updates for dispatch from a datacenter to vehicle electronic controller units. For connected vehicles, we are implementing a networked vehicle platform, GrooveNet, that allows communication between real and simulated vehicles to evaluate the feasibility and application of vehicle-to-vehicle (V2V) and vehicle-to-infrastructure (V2I) communication; the focus in this paper is on its application to safety. Finally, we are working on a tool for large-scale traffic congestion analysis, AutoMatrix, capable of simulating over 16 million vehicles on any US street map and computing real-time fastest paths for a large subset of vehicles. The tools and platforms described here are free and open-source from the author.

]]>
Rahul MangharamScalable Scheduling of Building Control Systems for Peak Demand Reductionhttp://repository.upenn.edu/mlab_papers/60
http://repository.upenn.edu/mlab_papers/60Mon, 15 Jul 2013 07:15:38 PDT
In large energy systems, peak demand might cause severe issues such as service disruption and high cost of energy production and distribution. Under the widely adopted peak-demand pricing policy, electricity customers are charged a very high price for their maximum demand to discourage their energy usage in peak load conditions. In buildings, peak demand is often the result of temporally correlated energy demand surges caused by uncoordinated operation of sub-systems such as heating, ventilating, air conditioning and refrigeration (HVAC&R) systems and lighting systems. We have previously presented green scheduling as an approach to schedule the building control systems within a constrained peak demand envelope while ensuring that custom climate conditions are facilitated. This paper provides a sufficient schedulability condition for the peak constraint to be realizable for a large and practical class of system dynamics that can capture certain nonlinear dynamics, inter-dependencies, and constrained disturbances. We also present a method for synthesizing periodic schedules for the system. The proposed method is demonstrated in a simulation example to be scalable and effective for a large-scale system.
]]>
Truong Nghiem et al.Topological conditions for in-network stabilization of dynamical systemshttp://repository.upenn.edu/mlab_papers/59
http://repository.upenn.edu/mlab_papers/59Fri, 05 Jul 2013 06:06:15 PDT
We study the problem of stabilizing a linear system over a wireless network using a simple in-network computation method. Specifically, we study an architecture called the "Wireless Control Network'' (WCN), where each wireless node maintains a state, and periodically updates it as a linear combination of neighboring plant outputs and node states. This architecture has previously been shown to have low computational overhead and beneficial scheduling and compositionality properties. In this paper we characterize fundamental topological conditions to allow stabilization using such a scheme. To achieve this, we exploit the fact that the WCN scheme causes the network to act as a linear dynamical system, and analyze the coupling between the plant's dynamics and the dynamics of the network. We show that stabilizing control inputs can be computed in-network if the vertex connectivity of the network is larger than the geometric multiplicity of any unstable eigenvalue of the plant. This condition is analogous to the typical min-cut condition required in classical information dissemination problems. Furthermore, we specify equivalent topological conditions for stabilization over a wired (or point-to-point) network that employs network coding in a traditional way -- as a communication mechanism between the plant's sensors and decentralized controllers at the actuators.
]]>
Miroslav Pajic et al.Closed-loop Verification of Medical Devices With Model Abstraction and Refinementhttp://repository.upenn.edu/mlab_papers/58
http://repository.upenn.edu/mlab_papers/58Wed, 08 May 2013 20:05:36 PDT
The design and implementation of software for medical devices is challenging due to the closed-loop interaction with the patient, which is a stochastic physical environment. The safety-critical nature and the lack of existing industry standards for verification, make this an ideal domain for exploring applications of formal modeling and closed-loop analysis. The biggest challenge is that the environment model(s) have to be both complex enough to express the physiological requirements, and general enough to cover all possible inputs to the device. In this effort, we use a dual chamber implantable pacemaker as a case study to demonstrate verification of software specifications of medical devices as timed-automata models in UPPAAL. The pacemaker model is based on the specifications and algorithm descriptions from Boston Scientific. The heart is modeled using timed automata based on the physiology of heart. The model is gradually abstracted with timed simulation to preserve properties. A manual Counter-Example-Guided Abstraction and Refinement (CEGAR) framework has been adapted to refine the heart model when spurious counter-examples are found. To demonstrate the closed-loop nature of the problem and heart model refinement, we investigated two clinical cases of Pacemaker Mediated Tachycardia and verified their corresponding correction algorithms in the pacemaker. Along with our tools for code generation from UPPAAL models, this effort enables model-driven design and certification of software for medical devices.
]]>
Zhihao Jiang et al.Event-based Green Scheduling of Radiant Systems in Buildingshttp://repository.upenn.edu/mlab_papers/57
http://repository.upenn.edu/mlab_papers/57Thu, 21 Mar 2013 12:14:04 PDT
This paper looks at the problem of peak power demand reduction for intermittent operation of radiant systems in buildings. Uncoordinated operation of the circulation pumps of a multi-zone hydronic radiant system can cause temporally correlated electricity demand surges when multiple pumps are activated simultaneously. Under a demand-based electricity pricing policy, this uncoordinated behavior can result in high electricity costs and expensive system operation. We have previously presented Green Scheduling with the periodic scheduling approach for reducing the peak power demand of electric radiant heating systems while maintaining indoor thermal comfort. This paper develops an event-based state feedback scheduling strategy that, unlike periodic scheduling, directly takes into account the disturbances and is thus more suitable for building systems. The effectiveness of the new strategy is demonstrated through simulation in MATLAB.
]]>
Truong X. Nghiem et al.Networked Realization of Discrete-Time Controllershttp://repository.upenn.edu/mlab_papers/56
http://repository.upenn.edu/mlab_papers/56Thu, 21 Mar 2013 12:07:23 PDT
We study the problem of mapping discrete-time linear controllers into potentially higher order linear controllers with predefined structural constraints. Our work has been motivated by the Wireless Control Network (WCN) architecture, where the network itself behaves as a distributed, structured dynamical compensator. We make connections to model reduction theory to derive a method for the controller embedding based on minimization of the H∞-norm of the error system. This allows us to frame the problem as synthesis of optimal structured linear controllers, which enables the utilization of design-time iterative procedures for systems’ approximation. Finally, we illustrate the use of the mapping procedure by embedding PID controllers into the WCN substrate, and show how to reduce the computation overhead of the approximation procedure.
]]>
Fei Miao et al.Heart-on-a-Chip: A Closed-loop Testing Platform for Implantable Pacemakershttp://repository.upenn.edu/mlab_papers/55
http://repository.upenn.edu/mlab_papers/55Fri, 15 Mar 2013 19:40:49 PDT
Implantable cardiac pacemakers restore normal heart rhythm by delivering external electrical pacing to the heart. The pacemaker software is life-critical as the timing of the pulses determine its ability to control the heart rate. Recalls due to software issues have been on the rise with the increasing complexity of pacing algorithms. Open-loop testing remains the primary approach to evaluate the safety of pacemaker software. While this tests how the pacemaker responds to stimulus, it cannot reveal pacemaker malfunctions which drive the heart into an unsafe state over multiple cycles. To evaluate the safety and efficacy of pacemaker software we have developed a heart model to generate different heart conditions and interact with real pacemakers. In this paper, we introduce the closed-loop testing platform which consists of a programmable hardware implementation of the heart that can interact with a commercial pacemaker in closed-loop. The heart-on-a-chip implementation is automatically generated from the Virtual Heart Model in Simulink which models different heart conditions. We describe a case study of Endless Loop Tachycardia to demonstrate potential closed-loop pacemaker malfunctions which inappropriately increase the heart rate. The test platform is part of our model-based design framework for verification and testing of medical devices with the patient--in-the-loop.
]]>
Zhihao Jiang et al.ProtoDrive: An Experimental Platform for Electric Vehicle Energy Scheduling and Controlhttp://repository.upenn.edu/mlab_papers/54
http://repository.upenn.edu/mlab_papers/54Tue, 18 Dec 2012 09:44:56 PSTStephanie Diaz et al.Robust Architectures for Embedded Wireless Network Control and Actuationhttp://repository.upenn.edu/mlab_papers/53
http://repository.upenn.edu/mlab_papers/53Sun, 21 Oct 2012 13:38:12 PDT
Networked Cyber-Physical Systems are fundamentally constrained by the tight coupling and closed-loop control of physical processes. To address actuation in such closed-loop wireless control systems there is a strong need to re-think the communication architectures and protocols for reliability, coordination and control. We introduce the Embedded Virtual Machine (EVM), a programming abstraction where controller tasks with their control and timing properties are maintained across physical node boundaries and functionality is capable of migrating to the most competent set of physical controllers. In the context of process and discrete control, an EVM is the distributed runtime system that dynamically selects primary-backup sets of controllers given spatial and temporal constraints of the underlying wireless network. EVM-based algorithms allow network control algorithms to operate seamlessly over less reliable wireless networks with topological changes. They introduce new capabilities such as predictable outcomes during sensor/actuator failure, adaptation to mode changes and runtime optimization of resource consumption. An automated design flow from Simulink to platform-independent domain specific languages, and subsequently, to platform-dependent code generation is presented. Through case studies in discrete and process control we demonstrate the capabilities of EVM-based wireless network control systems.
]]>
Miroslav Pajic et al.Model-Driven Safety Analysis of Closed-Loop Medical Systemshttp://repository.upenn.edu/mlab_papers/52
http://repository.upenn.edu/mlab_papers/52Sun, 21 Oct 2012 13:24:39 PDT
In modern hospitals, patients are treated using a wide array of medical devices that are increasingly interacting with each other over the network, thus offering a perfect example of a cyber-physical system. We study the safety of a medical device system for the physiologic closed-loop control of drug infusion. The main contribution of the paper is the verification approach for the safety properties of closed-loop medical device systems. We demonstrate, using a case study, that the approach can be applied to a system of clinical importance. Our method combines simulation-based analysis of a detailed model of the system that contains continuous patient dynamics with model checking of a more abstract timed automata model. We show that the relationship between the two models preserves the crucial aspect of the timing behavior that ensures the conservativeness of the safety analysis. We also describe system design that can provide open-loop safety under network failure.
]]>
Miroslav Pajic et al.CPS Medical